๐ฉ๐ช
Sรฉfora Srl
2026-07-11 19:04:18
(23 hours ago)
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ...
show more
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail
show less
Bad Web Bot
๐ง๐พ
lns.bz
2026-05-22 15:01:54
(1 month ago)
.env scanning [BY]
Web App Attack
๐บ๐ธ
mawan
2026-04-29 05:26:52
(2 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-02-15 04:22:01
(4 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-01-13 09:51:59
(5 months ago)
172.71.103.51 - - [13/Jan/2026:09:51:58 +0000] "GET /.env HTTP/1.1" 404 233 "-" "Mozilla/5.0 (Window ...
show more
172.71.103.51 - - [13/Jan/2026:09:51:58 +0000] "GET /.env HTTP/1.1" 404 233 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "195.178.110.132"
172.71.103.51 - - [13/Jan/2026:09:51:58 +0000] "GET /.env HTTP/1.1" 404 233 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "195.178.110.132"
172.71.103.51 - - [13/Jan/2026:09:51:58 +0000] "GET /.env.bak HTTP/1.1" 404 233 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "195.178.110.132"
172.71.103.51 - - [13/Jan/2026:09:51:58 +0000] "GET /.env.save HTTP/1.1" 404 233 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" "195.178.110.132"
172.71.103.51 - - [13/Jan/2026:09:51:59 +0000] "GET /.git/config HTTP/1.1" 404 233 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/13
...
show less
Port Scan
Brute-Force
๐บ๐ธ
mawan
2025-11-13 02:27:26
(7 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2025-11-08 22:13:39
(8 months ago)
Blocked by UFW (TCP on 2083)
Source port: 14273
TTL: 51
Packet length: 60
TOS: 0x14
This report (fo ...
show more
Blocked by UFW (TCP on 2083)
Source port: 14273
TTL: 51
Packet length: 60
TOS: 0x14
This report (for 172.71.103.51) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ฉ๐ช
ps-center
2025-09-05 09:56:28
(10 months ago)
SS1: Web Attack GET /admin.php?action=p&api=p&path=p&token=
Web Spam
Hacking
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2025-09-03 02:39:36
(10 months ago)
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /admin/.env
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
thefoofighter
2025-08-08 08:42:59
(11 months ago)
[Fri Aug 08 08:42:56.102721 2025] [:error] [pid 1048566] [client 172.71.103.51:50184] [client 172.71 ...
show more
[Fri Aug 08 08:42:56.102721 2025] [:error] [pid 1048566] [client 172.71.103.51:50184] [client 172.71.103.51] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.cathalmcnally.com"] [uri "/ebextensions.config"] [unique_id "aJW4kNAkjKi6mdnypzvnrwAAAAo"]
[Fri Aug 08 08:42:59.300902 2025] [:error] [pid 1048566] [client 172.71.103.51:50184] [client 172.71.103.51] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [
...
show less
Bad Web Bot
Web App Attack
๐น๐ผ
kk_it_man
2025-07-30 14:24:02
(11 months ago)
Port Scan
Anonymous
2025-05-28 01:29:06
(1 year ago)
[Wed May 28 03:29:05.157497 2025] [authz_core:error] [pid 12467] [client 172.71.103.51:63968] AH0163 ...
show more
[Wed May 28 03:29:05.157497 2025] [authz_core:error] [pid 12467] [client 172.71.103.51:63968] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Wed May 28 03:29:05.201353 2025] [authz_core:error] [pid 12467] [client 172.71.103.51:63968] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Wed May 28 03:29:05.246310 2025] [authz_core:error] [pid 12467] [client 172.71.103.51:63968] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
mawan
2025-05-18 05:02:40
(1 year ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
Study Bitcoin ๐ค
2025-05-17 13:44:37
(1 year ago)
Port probe to tcp/80 (http)
[srv125]
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-16 13:35:28
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.71.103.51 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.103.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 16 09:35:23.685430 2025] [security2:error] [pid 3404324:tid 3404324] [client 172.71.103.51:39376] [client 172.71.103.51] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.puertaalcieloisla.com"] [uri "/.env"] [unique_id "aCc_Gzuazewz1fxlUBhNvAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack